Noah Feldman’s column “Big cyberattacks should be handled by nations, not lawyers” [May 14, Opinion] on computer piracy is right — and wrong. He is correct when he talks about the history of piracy on the high seas. He is correct that we can go on the offense — to a point.
But computer piracy is different. A bad guy can walk into any coffee shop anywhere in the world and attack a pipeline operator in Georgia. In the real world, there are places where it is not safe to go. In the cyberworld, that’s just not so. I run a personal web server using open-source software and it is (always unsuccessfully) attacked once a minute.
The governments cannot solve the problem of computer security by going on offense. What governments can do is mandate rules and regulations for ensuring software security. Open-source software, public-code reviews, and mandating that software developers and system administrators go through continuing security training, are all things government could do.
There is nothing wrong with playing defense so long as you do it well.
Jeff Silverman, Seattle